No internet “kill switch” for Australia, says Conroy

Communications Minister Stephen Conroy this morning said the Australian Government wouldn’t take the sort of action its counterpart in Egypt has over the past week, in attempting to block communication between protesters in the country by shutting down all access to the internet.

Egypt has attracted international condemnation for its Government’s internet shutdown command, which saw communications in the country severed from January 27 by executive order. Vodafone said services had eventually been restored to its customers in Egypt on Saturday morning, noting in a blog post several days ago that it had no legal options but to comply with “the demands of the the authorities” on the issue.

The issue has attracted questions in Australia about whether such a situation — unlikely though it seems — could eventuate Down Under. Speculation has also run rife on the issue in the wake of news that the United States was considering legislation that would grant the US President “kill switch” powers over the internet in that country.

Telecommunications consultant and commentator David Havyatt wrote on iTNews this week that some legislation does exist in this area in Australia, but ultimately security forces would be unlikely to support any action to cut internet access, and ultimately it would depend on the political power of the Government of the day to push such a move through.

However, this morning Conroy — speaking at the launch of a new HP datacentre in Sydney — told journalists the idea wasn’t being floated in Australia.

“Australia’s a vibrant democracy, where the government doesn’t control the internet,” he said. “I don’t think we have any of these powers — that we could pass a law to make ISP services turn off when we want them to? I don’t think we have that power now, and I don’t think anyone’s seeking it.”

Conroy said in “a pluralistic, open speech, free speech” society such as Australia, he didn’t think the sorts of actions taken “by a whole range of governments in recent times” would be implemented.
“I mean I understand China blocked access to the word Egypt, I read. But those aren’t the sort of actions Australia supports or would participate in,” he said.

Flooding the NBN
Conroy also commented on the potential impact on the National Broadband Network from the recent catastrophic events in Queensland — not just the floods that took out much of the state’s infrastructure, but also tropical cyclone Yasi, whose effects are still being felt in the Sunshine State.

A report in the AustralianIT this morning had suggested that large parts of the Townsville early stage leg of the NBN rollout could be facing a rebuild. However, Conroy said the Townsville rollout was “almost completed”, and that although the flood issue would need to be dealt with, this was not dissimilar from any other infrastructure “that gets hit by 30 year events”.

In addition, he pointed out that the current national copper network operated by Telstra was more susceptible to problems from events such as floods than the next-generation fibre being rolled out by NBN Co — as copper degraded in water. “Fibre is actually a far more robust technology for dealing with, particularly, floods,” he said.

NBN Co would inspect the potential damage, he said, after it was safe to.

As to the matter of whether the Queensland reconstruction project would put pressure on the NBN rollout due to scarce human contracting resources in the state, Conroy said that was an issue for every company. “Just like every other company in Australia, NBN will manage the same sort of pressures as all of those other companies,” he said. However, the Communications Minister noted that the Government had attempted to “calibrate” some of the resourcing issues by cutting back on other infrastructure projects.

Lastly, Conroy gave a very brief update on his opinion of whether the Federal Government’s deal with Telstra over the NBN would land before the company’s imminent results briefing session. “I’m an optimist, so I’ve got my fingers crossed,” he said.

43 COMMENTS

Niether the Australian media nor Conroy is tuned into the controversy over the President of United States right to kill the Internet or any other American or Canadian range of Internet Governance matters.

The current communication laws in America already gives the President the right to flick the Big Red Switch. Unlike Egypt, this is highly likely to affect GLOBAL Internet connectivity.

Also the feeble attempt to see any similarity or connection between Egyptian law and the intended US “Kill Switch” bill is completely stupid and ignorant. PATHETIC!!!

In reality the intent was to allow the president “to protect the U.S. from external cyber attacks,” not to shut down the Internet and to clarify the Presidential power contained in the Communications Act 1934.

Very soon International Internet Governance laws. the final draft subitted late last year at the United Nations General Assembly will prohibit Conroy or any other UN member country from blocking any legitimate traffic.

Many around the world, for quite some time, have already discovered Internet Filtering is ineffectual and will not prevent distribution of kiddie porn which was its original purpose.

Filtering and other technologies such as deep packet inspection are very easy and inexpensive to circumvent. Its not even rocket science for goodness sakes.

While Australia doesn’t have a right to freedom of speech like the US, the implied right to political expression should get in the way of any attempt to create an internet kill switch.

“I don’t think we have that power now, and I don’t think anyone’s seeking it”… Conroy. What about the proposed filter, which gives the gov’t the power to selectively exclude content. Conroy doesn’t have the power, but he is seeking it, even if he doesn’t realise it. Anyone thinking of a constitutional challenge against the filter legislation (if it goes ahead) should look at least Australian Capital Television v. The Commonwealth (1992) 177 CLR 106

Government control of the internet can only lead to disaster.
Currently if Conroy wants to filter content, he has to convince all the major ISP’s to do so.
If the NBN co controls the backbone, then the ISP’s are taken out of the loop and Conroy can do what he pleases.
Governments say a lot of things to appease the masses and bolster their chances of re-election, however these promises are soon forgotten whenever it suits them.
The NBN also allows introduction of an “Internet Levy” – as soon as the NBN runs out of cash, you can be as sure as night follow day, that the wholesale rates for internet access will increase to pay for their bloated bureaucracy.
Fibre to the node is an excellent idea, but it needs to be in the hands of private enterprise.

I’m still not entirely sure what a “external cyber attack” could acomplish, if under threat all sensiative commerical and military data would cease if they felt it was in threat of being intercepted*.

If the purpose is to use traffic to create khaos by interupting and otherwise interjecting milcious traffic into the network, then you will quickly find that your traffic is swiftly (within a few hours) terminated via rejecting your traffic unless you manage to make it self propergating (through the use of a virus) at which time all commerial and sensitive commerical military servers would be disconnect by their adminstrators in order to protect the information, and try and access if they were infected.

If the purpose is to take specific web sites or servers by the use of DDoS then you will find the traffic is traffic is swiftly (within a few hours) terminated via rejecting your traffic and the site remains operation.

In the first case, a “kill switch” is redudant as sensative systems will withdraw themselves from the network anyway. In the second case a “kill switch” is redudant as sensative systems will withdraw themselves from the network anyway. In the first case, a “kill switch” actually plays into the offenders hands by maximising, not minimising, the damage that their DDos service inflicts.

*These days “intercepting” in terms of cyber security means intercepting AND being able to utilise the information before the information becomes irrelevent, as the information is encrypted and very easy to intercept, but if intercepted it is very hard to turn into a meaningful message.

Okay, that makes sense, but as I said, if that starts to happen, international link providers will start to cut off the offending traffic anyway, and probably respond faster to it than the government would.

It just seems complete overkill to have a big red buttion in a room somewhere that says “Switch off the Interwebs”.

Actually I remember reading something somewhere that currently security relies on software/hardware solutions. However this only cover known patterns. Unknown patterns simply go straight through becaise this way relies on updsating both components.

Most know that your anti-virus won’t work to protect you when a new virus arrive and the vendor has not yet provided a signature for it.

Much simpler to cut the international cables at landfall. Does not involve ISPs.

“Much simpler to cut the international cables at landfall. Does not involve ISPs.”

True, it’s simpler, I’ll give it that. But highly prone to abuse.

Let’s say a network provider suddenly becomes aware of some unusual traffic, and they are quickly resloving to fix the problem, and have determined that the damage being done is such that cutting their links will be ineffectual (and if you think network providers when under a security threat don’t think about just cutting all traffic/yanking the cables from the servers you are mistaken, it is afterall as you said the simplest way to get rid of the offending traffic) and just need some time to watch the traffic to determine the pattern so they can write some routing rules that will permantly take care of the problem.

Then, a couple of inexperienced people panic on a smaller network company, and instead of contact the origin network provider, they contact the WhiteHouse. The WhiteHouse then goes into Crisis Mode, and the questions comes up “What kind of defense do we have against this sort of cyber attack?”

“Well Mr President we implemented a kill switch that will kill all traffic in and out of the traffic until we can resolve the crisis.”

The conversation goes on for a few minutes, and the white house comes to the conclusion to cut the lines, meanwhile NO ONE HAS CONTACTED THE NETWORK COMPANY to see if they are aware of the problem, and if they have a timeframe to fix it.

So the lines get cut. And the company JUST worked out how to block the traffic. They then need to get in contact with the Whitehouse, which will be inidated with calls asking why “I can’t Skype my friend in the UK” etc, etc, so there call may take many hours to get up to the top, and you will have caused serveal hours of extra hours worth unnessiary distruption when if the problem had been just left as is, it would have solved itself.

I think the industry is quite capable of self regulating here. As it proved time and time again when sites have come under DDoS, etc, etc. I DON’T think that this “simpiler solution” is nessicary.

Because that situation I just outlined, I can actually see that happening on a REGULAR BASIS.

They will soon know when there is total outage of Wall Street and I don’t think a real CYBER-ATTACK would involve a silly inconvenient DDOS attack. It will be WAR TIME

In the history of most wars, communications blackouts are commonplace and any form you care to mention. This includes the adjustment of Global Positioning Systems to prevent the enemy using it for missile targetting.

And yet if I asked you to define what a “real” cyber-attack would involve you wouldn’t be able to tell me, would you?

Because the Internet isn’t built like that. If you want to take down a specific target or series of targets there are two ways to do it, you infect it, or you saturate it.

If you infect it, the target does down straight away, and cutting the “links” will serve nothing as the if it sends any sensative information it will have purged that information well before you can respond to it, and if you want to respond to it, the first thing you do will be to YANK THE PHYSICAL CABLE not tell the WhiteHouse to “stop all traffic coming in and out of the country.” And then what? One server got infected by a malicious virus, well, let’s just cut all traffic to the country. That seems like a measured response.

If you saturate it, you are DDoSing it, and we all know how easy those are to deal with it.

>>> Much simpler to cut the international cables at landfall. Does not involve ISPs.
Is it? Scenario: create a dormant botnet inside the perimeter, trigger an attack “from inside”. Cutting the cables at the entry points will do nothing.

Think at the LAN-s: until 5-7 years ago a firewall/proxy – that is: “perimeter protection” (hard shell, soft inside) – was enough. With the worms, rootkits, phishing and whatnot, that’s no longer enough, we got to speak of “in-depth security”. If LANs with at most hundreds nodes can no longer afford it, what makes you think it will work for a whole bloody country?

The kind of cyber attacks we’re talking about in order to cause disruption to warrent a country wide “cut” (rather than just isolating the affected servers) will still be detectable even if it is encapsulated within VPN traffic, because it will be a LOT of traffic to do the kind of damage you’re talking about.

You’re talking about traffic where an international links will be saturated. VPN or not, the link is saturated, and someone is going to notice.

A small well designed payload is a virus, worm, or trojan, and once you’re infected with one of those, as stated above, cutting the “links” isn’t going to do much to help. Not on the scale we’re talking about.

Seriously, if I was planning a cyber attack of some kind I wouldn’t send in timed payloads that “detonate” at a specific time. These payloads would do thinks like shut down the server, and send confidental information, etc, etc, but cutting the links out of the country would kind of be useless. Because NO ONE WOULD BE ABLE TO RESPOND FAST ENOUGH. Which is why I think I “kill switch” is a pointless exercise. It will take at least 5 minutes for a human to realise something is wrong, and respond to it, in that time the server has been taken down or a few hundred megs of confidental information has already been delievered. It will take at least half an hour for a response team from the WhiteHouse to assemble. And it will take at least an forty five minutes for them to decide to “cut the links”. In that time, the damage has already been achieved, the confidenetal information has already been delievered, and it’s all over.

Which is exactly my point. You should be spending money working on prevenative measures (redudancy and fallback) and recovery procedures, rather than “kill switch”, because a “kill switch” isn’t going to be effective. It’s like bring a sword to a modern warzone. Sure, if you get in close, and just at the right time, you can take out your enemy, but most of the time they’ll shoot you well before you get there.

Hows about a payload consisting of a mixture of artificial intelligence capable of infiltrating biometrics systems all over the place and replace the corrupt enterprises and governmernts so we don’t have to put up with the idiots looool

“DARPA has announced that its planned “National Cyber Range” – an artificial, sealed-off internet inhabited by simulated nodes, computers, sysadmins, users etc in which the USA can test-fire cyber weapons and practice cyber combat – is to reach demonstration status by July this year.”

The Iranian president Mahmoud Ahmadinejad today seemed to confirm speculation that the Stuxnet worm obstructed his regime’s nuclear ambitions.

“Several” uranium enrichment centrifuges were damaged by the virus, he told a press conference.

“They were able to create problems on a limited basis for some of our centrifuges by software installed in electronic equipment,” Ahmadinejad said.

Security analysts have speculated for months that Stuxnet is a digital weapon aimed at Iran’s nuclear facilities at Bushehr and Natanz.

Reverse engineering of the worm has revealed it is able to infect the Siemens industrial control systems used at the plants. It then makes subtle, damaging changes to frequency converter drives that operate in a frequency range used in uranium enrichment.

He is a flat out liar. We know thanks to the ACMA blacklist being leaked that hundreds of plainly innocent websites were being blacklisted. Along with allegedly criminal websites there was famously the Queensland dentist and a political discussion of euthanasia. Right there we have the government censoring political discussion online, and Conroy knows about this blacklist which is a kill switch for any site on the internet the government doesn’t like. There is no oversight and of course the public can’t be told what’s on the list. He has a kill switch, which I can understand may be necessary for illegal activity, but to lie about it makes me worry about abuses similar to those already exposed.

Filtering is completely separate issue from, and nothing to do with the Internet Kill Switch.

All leaders of governments worldwide have the ability, the right and the duty to blackout the Internet as the Egyptian government has just demonstrated for reasons of National Security. This is the very first time and definately not the last.

Actually they have the right to black out all communication mediums – not just the Internet.

See the first post by Peter. That point to the American legislation – that incudes Pres. Obama.

The US Government already has kill switch power over the internet. It always has. It’s called the FCC.

The FCC dictates what every cable company, telco, wireless provider and anyone using the broadcast spectrum can do and if they tell them to all pull the plug they have to. This was proven with the warantless wiretapping Bush did because he showed that even against the Constitution and no warrant to even tap the lines they can force the industry to do exactly as told.

Nuff said – the kill switch is already in place and it’s called the Federal Communications Commission.

A government regulator is quite different to the proposed “kill switch”.

The FCC can tell someone to disconnect or stop broadcasting, yes, but it may takes hours, even days, for the industry to respond to the instructions, and if they feel they are unjustifed they can Appeal, for example Verzion is appealing the FCC about Net Neutrality rulings as we speak (or trying to, looks like the case was thrown out by the Supreme Court).

The kill switch that they are talking about, the bill that they are proposing, is instead, as I described it before “a big red button in a room marked Switch off the Interwebs” so that if the government feels they are under threat they can suddenly, and instantly, cut all international links against external threats. No need to get the FCC involved, no need to give the providers due time to comply, no need to deal with appeals… just, off.

I’m still trying figure out what the US Federal Communications Commission has to do with any potential for an internet kill switch in Australia.

Hmmm.

It’s true that a huge percentage of the critical mass of the internet exists with the US, but as Wikileaks has ably demonstrated in recent months, you can shut things down in one country, and start them up again pretty darn quickly elsewhere.

The sooner that ALL governments understand that modern communications infrastructure transcends international boundaries, the better it will be, and the closer we’ll come to a true global community.

The “kill switch” is all about United States Homeland Security and nothing else. The only person who can operate the switch is the President of United States currently President Obama and ONLY when there is a war emergency.

“I’m still trying figure out what the US Federal Communications Commission has to do with any potential for an internet kill switch in Australia.”

They don’t and neither does the Australian equivalant, the Telecommunications Industry Ombudsman (TIO) Same goes for the Canadian regulator, Canadian Radio-television and Telecommunications Commission (CRTC)

“The sooner that ALL governments understand that modern communications infrastructure transcends international boundaries, the better it will be, and the closer we’ll come to a true global community.”

The Internet has always been global – problem is governments treat it as a “Walled Garden” and United Nations is the body that currently dealing with it and has done so for the past five years. Decisions have been made and recently a very relevant draft resolution has been submitted to the General Assembly. I am sure Conroy will be hearing from them soon.

God, his manner and speech is just so amateurish.
It really makes Australian politics look awfully silly when our politicians are so slouchy and inarticulate.
I bet Malcom Turnbull would be able to string together a better comeback to such a saucy question. Poor Conroy, he truly is outclassed the minute he gets out of bed every morning.

Welcome! We were an energetic and engaged community of Australians who worked with or who were interested in technology -- all sorts of IT professionals, IT managers, CIOs, tech policy-makers and tech enthusiasts.